feat: use https for backend and add test cert

Author: ctrlc03

packages/backend/.env.example

@@ -8,3 +8,11 @@ HAT_ID=""
 ETH_PRIVATE_KEY=""
 # The RPC URL for the EVM network
 RPC_URL=""
+# The path to the TLS cert
+TLS_CERT=""
+# The path to the TLS key
+TLS_KEY=""
+# The port to listen on
+PORT=""
+# The IP to bind to
+BIND_IP=""

packages/backend/cert.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDDDCCAfQCCQCdGYDNX5c3CTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQKDApI
+YWNraW5nUFNFMRMwEQYDVQQDDApoYWNraW5ncHNlMRwwGgYJKoZIhvcNAQkBFg1h
+ZG1pbkBwc2UuZGV2MB4XDTI0MDgyODEzMTcwMloXDTI1MDgyODEzMTcwMlowSDET
+MBEGA1UECgwKSGFja2luZ1BTRTETMBEGA1UEAwwKaGFja2luZ3BzZTEcMBoGCSqG
+SIb3DQEJARYNYWRtaW5AcHNlLmRldjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALXbdoVtb/XxjBUYK9Uj5FSTNbUOXnsdjBwTCGWWvnCqwIoGAQIybY5K
+ZTj7x+mbE0el3444s7Qo5yX8BQwFjKoLVHuVjZde0MTD3zVoWur+bnAgkWhTOi7o
+Hsb2znaRLuzJtyIKBWZM56zB0xbbFWADrQCjxSkh4GKCL2zVofRGOU2vP7n1n3nZ
+thhrPDfLf0bt9RmuopZMD+13s/DNJt1SPj/RJT2KU91cfLT/8e7lzzXpTJ1XUHRm
+7e0C8hjlxUUeUWSxMkBQHoRrpxU+LRRhbFTFE6KOnlVQJo6JkOaaMOuxwZu0dZLO
+QVKwHbsi87uRMloTZw+zxubTzgiSB2kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA
+EZUTjI3AMyll0amgZIVx35OVLpSADHhG3NYGiqyVEFXSTEg0Crlc3DPIc8EzZqSX
+DelIz20G/A4kzM8Edep6ngMkaYw7K9O96uu9JFnEIUCWlqErWFungSaQ9D+tWu5/
+3UwiDwnnDMgSwrwoYmB1Bcgv59Fjq21tOotcu9ZyOR01d4p5prF9mLEPofPUpnmi
+Y3TY1j/L0dcn11GUrRJl7uM/Xm4O06P6+I20Mo5FOnaLelv2tjwObv5W6Tj4wre4
+cCihW9f9SYN6txFNfXm5E8H3TlL04DonBDqrfhX/5PF+asfKDZFpY4ZiccbfTHO9
+hGYPi2ACDil9nR7Xamnw1A==
+-----END CERTIFICATE-----

packages/backend/key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAtdt2hW1v9fGMFRgr1SPkVJM1tQ5eex2MHBMIZZa+cKrAigYB
+AjJtjkplOPvH6ZsTR6XfjjiztCjnJfwFDAWMqgtUe5WNl17QxMPfNWha6v5ucCCR
+aFM6LugexvbOdpEu7Mm3IgoFZkznrMHTFtsVYAOtAKPFKSHgYoIvbNWh9EY5Ta8/
+ufWfedm2GGs8N8t/Ru31Ga6ilkwP7Xez8M0m3VI+P9ElPYpT3Vx8tP/x7uXPNelM
+nVdQdGbt7QLyGOXFRR5RZLEyQFAehGunFT4tFGFsVMUToo6eVVAmjomQ5pow67HB
+m7R1ks5BUrAduyLzu5EyWhNnD7PG5tPOCJIHaQIDAQABAoIBAF18Vi89FOMfqt1l
+MZM+AjCgBGnw2wz7IX2FIznmBjww6w2JDJeuiLcu814ZwKkMORsJ4CRiba7doAXc
+ylNlvuvjKyjktobsDPI5ptLztFk9NlSZyWYR8sUOOlQZqAU3mSHMiEINWL1AJ5Cd
+iwAi25giC5talQ4SBiFdvzd5kunZGcmQv8jnIs3eA6PbuNK7O+JrqXVmtd8hCOyQ
+G8zOL5qEh+gSrUYz+aU5hB5H7LdmWnXwqfM3zSQ3Db+M78dIgMgd932Miuryk7yI
+NUf4rnSIPjWHd716/9baSi41NmhzjCpZXwcTBeSdqRn1dcS2tND1KG1x4pFPfbz3
+kTlonqECgYEA3iC6pVUvmzS/CtYAvxKiH73sbrTqmaNvsbMFPPJVYBLf1m2BXtNw
+bmG7lUidB970oj2fNDZO6KcTcdf7psm0B0QQtgINIj5MJG0Cmkw/h2VjL9xSLkSm
+zaNanx/unlm0Tq5CGgdx7FZ5yDyrKZm++o4kQF64WjWySvcz42U9jD0CgYEA0Zat
+/FvQs+Ih7+RNq19Gp2QcMoLa9UjTVyY98JycrDSJ8W3l5lpJUDxG6Pmdicq9gW9K
+qJDXvZ8f48y6tFY6grbiW7JdubiSBY6amEfVGCQdM+5p1CQWy6aXKRz/+ZrCIoKx
+tQpnbZBf+sSp2O0AY3CsmLkXucYJNi0xz13Rfp0CgYBcOIhlJgXa0T5TuF+c9JZ8
+yTRFDjWsTc+Mnj+Zex75AT0PYG1quiwel9LyerA/WVCFn0HewoFmVB9dj4c6StnE
+fnzVo+piAi1Inj2LZAaoJu7UKwuvi+8Yxy5TjEVcVu/mDrEA74Bb19c9y/pgDiXd
+DnB8jRbK1SpNt25ChYDVHQKBgQC4sFYbFnF/wlpzgbRrumaRZSdv313BXe5WUq2s
+VOW+3gFcjaJUbeVC3gsCi8wmO1DpOUAJ8LEcOJeqbqNr/LxMqYookbID0cBjQzm5
+zTrbrh9JvuLk/PRVezSjFxn+Q0CllpOwXD2uD9Z0LU8aiCaaehSt9BUTMI63ffXx
+rNPKBQKBgEYlIIyjnfDvCGs54ypKTEPtR0LgD1MjZ+av2b2REtNFfhL8a6sZt1Hl
+6QzT8cx0oCEHtN/vCLuEqDn+QKOlwU5bwY/FDO1nryyXDatzzMhoj8k2zzWJJVFJ
+ehY6/iF0mIwCfW6dmx8vt3P5uG261pBIJZyLGhFwCEeM9ww/lMI9
+-----END RSA PRIVATE KEY-----

packages/backend/package.json

@@ -4,6 +4,7 @@
   "description": "The backed for hacking PSE",
   "main": "index.js",
   "scripts": {
+    "build": "tsc",
     "dev": "ts-node-dev src/index.ts"
   },
   "keywords": [],

packages/backend/src/constants.ts

@@ -5,4 +5,8 @@ export const HATS_ADDRESS = "0x3bc1A0Ad72417f2d411118085256fC53CBdDd137"
 export const SEMAPHORE_ADDRESS = "0x71B93f8b0583f4033FAA1EE47d448B572933cefe"
 export const HAT_ID = process.env.HAT_ID || "0"
 export const CHAIN_ID = "11155420"
-export const PRIVATE_KEY = process.env.ETH_PRIVATE_KEY && process.env.ETH_PRIVATE_KEY.startsWith("0x") ? process.env.ETH_PRIVATE_KEY as `0x${string}` : `0x${process.env.ETH_PRIVATE_KEY}` as `0x${string}`
+export const PRIVATE_KEY = process.env.ETH_PRIVATE_KEY && process.env.ETH_PRIVATE_KEY.startsWith("0x") ? process.env.ETH_PRIVATE_KEY as `0x${string}` : `0x${process.env.ETH_PRIVATE_KEY}` as `0x${string}`
+export const PORT = Number.parseInt(process.env.PORT!) || 3001
+export const BIND_IP = process.env.BIND_IP || "0.0.0.0"
+export const TLS_KEY = process.env.TLS_KEY || "./key.pem"
+export const TLS_CERT = process.env.TLS_CERT || "./cert.pem"

packages/backend/src/index.ts

@@ -1,16 +1,17 @@
 import express from 'express'
 import bodyParser from 'body-parser'
 import cors from 'cors'
+import https from 'https'
+import fs from 'fs'
 
 import { sendOtp, verifyOtp } from './otp'
 import { getDb, initDb } from './db'
 import { hatsClient } from './hats'
-import { HAT_ID } from './constants'
+import { BIND_IP, HAT_ID, PORT, TLS_CERT, TLS_KEY } from './constants'
 import { account } from './account'
 import { SendOtpSchema, VerifyOtpSchema } from './types';
 
 const app = express()
-const port = 3001
 
 // todo: update origin to the frontend domain
 app.use(cors({
@@ -113,8 +114,12 @@ app.post('/verify-otp', async (req, res) => {
 
 // init db then start listening service
 initDb().then(() => {
-    app.listen(port, () => {
-        console.log(`Server is running on http://localhost:${port}`)
+    const httpsOptions = {
+        cert: fs.readFileSync(TLS_CERT),
+        key: fs.readFileSync(TLS_KEY)
+    }
+    https.createServer(httpsOptions, app).listen(PORT, BIND_IP, () => {
+        console.log(`Server is running on https://${BIND_IP}:${PORT}`)
     })}).catch((err: any) => {
         console.error('Failed to initialize database', err)
     })

packages/contracts/.env.default

@@ -1,3 +1,3 @@
 SEPOLIA_RPC_URL=
 PRIVATE_KEY=
-ETHERSCAN_API_KEY=
+ETHERSCAN_API_KEY=

packages/interface/.env.example

@@ -91,3 +91,5 @@ NEXT_PUBLIC_TALLY_URL=https://upblxu2duoxmkobt.public.blob.vercel-storage.com
 NEXT_PUBLIC_POLL_MODE="non-qv"
 
 NEXT_PUBLIC_ROUND_LOGO="round-logo.png"
+
+NEXT_PUBLIC_BACKEND_URL="https://localhost:3001"

packages/interface/src/config.ts

@@ -114,6 +114,7 @@ export const config: Config = {
   pollMode: process.env.NEXT_PUBLIC_POLL_MODE ?? "non-qv",
   roundLogo: process.env.NEXT_PUBLIC_ROUND_LOGO,
   semaphoreSubgraphUrl: process.env.NEXT_PUBLIC_SEMAPHORE_SUBGRAPH,
+  backendUrl: process.env.NEXT_PUBLIC_BACKEND_URL!,
 };
 
 export const theme = {

packages/interface/src/env.js

@@ -69,6 +69,8 @@ module.exports = createEnv({
     NEXT_PUBLIC_ROUND_LOGO: z.string().optional(),
 
     NEXT_PUBLIC_SEMAPHORE_SUBGRAPH: z.string().url().optional(),
+
+    NEXT_PUBLIC_BACKEND_URL: z.string().url().optional(),
   },
 
   /**
@@ -109,6 +111,8 @@ module.exports = createEnv({
     NEXT_PUBLIC_ROUND_LOGO: process.env.NEXT_PUBLIC_ROUND_LOGO,
 
     NEXT_PUBLIC_SEMAPHORE_SUBGRAPH: process.env.NEXT_PUBLIC_SEMAPHORE_SUBGRAPH,
+
+    NEXT_PUBLIC_BACKEND_URL: process.env.NEXT_PUBLIC_BACKEND_URL,
   },
   /**
    * Run `build` or `dev` with `SKIP_ENV_VALIDATION` to skip env validation. This is especially

packages/interface/src/pages/signup/registerEmail.tsx

@@ -33,9 +33,8 @@ const RegisterEmail = (): JSX.Element => {
   const [emailField, setEmail] = useState<EmailField>();
 
   const registerEmail = async (emailField: EmailField) => {
-    const url = "http://localhost:3001/send-otp";
     try {
-      const response = await fetch(url, {
+      const response = await fetch(config.backendUrl, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
@@ -65,8 +64,7 @@ const RegisterEmail = (): JSX.Element => {
     const { otp: otp } = otpField;
 
     try {
-      const url = "http://localhost:3001/verify-otp";
-      const response = await fetch(url, {
+      const response = await fetch(config.backendUrl, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",

packages/interface/src/utils/types.ts

@@ -105,4 +105,5 @@ export type Config = {
   pollMode: string;
   roundLogo: string | undefined;
   semaphoreSubgraphUrl: string | undefined;
+  backendUrl: string;
 };